Network technologies and trends » FTP
http://itknowledgeexchange.techtarget.com/network-technologies

Beware of Trojanized version of PuTTY
http://itknowledgeexchange.techtarget.com/network-technologies/beware-of-trojanized-version-of-putty/
Thu, 21 May 2015 18:28:59 +0000

It all started in late 2013 and early 2014, when a compromised FTP client dubbed "StealZilla", based on the open source FileZilla FTP client, was discovered. Now, in 2015, a new attack has been discovered in which the same techniques and actors as "StealZilla" are used to alter the source code of the widely used open source Telnet/SSH client, PuTTY, and the actors use their network of compromised web servers to serve up similar fake PuTTY download pages.

Picture Source: Cisco Blog

This trojanized version of PuTTY harvests credentials and relays the information back to a collection server in the same way as StealZilla. The operation is very quick and quiet: login details are sent to the attackers over an HTTP GET connection, only once.

This is quite dangerous, and it is recommended not to download PuTTY from unknown websites. Check the version to make sure it is genuine. Since PuTTY is an open source client, many networking professionals grab this software to access their critical network appliances.

A few days ago Cisco posted a blog with a detailed analysis; it is worth reading.